As schools and workplaces have been forced to move their activities online, there is a growing need for organizations to be extra vigilant about their cybersecurity and the integrity of their networks. In the United States, the FBI’s Internet Crime Complaint Service released a public service announcement, advising that bad actors may take advantage of the increased use of virtual work environments through the use of cyber-attacks. An example for educational institutions comes from the University of Lethbridge, which recently warned faculty and students about an increase in phishing scams.
Protecting your organization from phishing
An article from eSchool News highlights common signs of phishing attempts, which usually come in the form of emails or messages. Phishing attacks try to lure people into revealing sensitive data by disguising themselves as legitimate individuals or institutions. At the University of Lethbridge, phishing attacks came in the form of emails from what appeared to be supervisors or colleagues asking staff to buy gift cards.
Some common signs of phishing attempts include misspelled URLs, spelling and grammatical errors, requests for sensitive information, and unrecognizable senders or links.
The Canadian government’s Centre for Cyber Security has published a useful one-page handout on phishing campaigns and malware scams you can share with members of your business, school, or non-profit – it’s easy to read, and can be found here.
Other tips for cybersecurity safety
The FBI’s public service announcement profiles further items every organization should consider:
- Restrict access to all remote meetings, virtual classrooms, or conference calls; always use unique passwords if possible. Do not share links to private meetings on any open web or social media pages.
- Use multi-factor authentication for accessing any organizational resources. An analogous example is two-factor authentication for personal banking: a unique password, and the requirement that you input a code from a text only your bank can send to your personal smartphone.
- Do not enable remote desktop access functions for your staff or members unless absolutely necessary.
Special tips for schools
An article in the IT security publication SC Magazine highlights special considerations for schools:
- Minimize any private information contained within e-learning platforms.
- Make sure staff and teachers are properly trained on privacy controls for any online platform you use.
- Ensure that all students, parents, and teachers are trained about the dangers of online scams and phishing. Provide resources and advice for parents that help them monitor the online safety of students at home.
Taking the proper steps to maximize the security of online activities will help maintain the security and safety of your organization and its resources.